Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11How to protect your computer from Thunderspy attack
Thunderbolt is a hardware brand interface developed by Intel that acts as an interface between computers and external devices. Many companies now use Thunderbolt to connect to a variety of devices, but according to research at Eindhoven University of Technology, the security behind Thunderbolt can be broken using a technique - Thunderspy.
This technique implements an attack by silently allowing an attacker to access the direct memory access (DMA) function to endanger devices. The danger of this attack is to leave no trace nor execute any malware. It can bypass the best security check and lock the victim's computer. So even if the computer has security features like Secure Boot, a strong BIOS and operating system account password and activates encryption of the entire hard disk, Thunderspy will still ignore everything.
Several ways to protect your computer from Thunderspy
1. Secured-core PC protections
Microsoft's Windows Security provides Windows Defender System Guard and virtualization-based security. However, you need a device that uses Secured-core PCs. This technology uses native hardware security in modern CPUs to boot the system into a trusted state. It helps to reduce the execution of malware attacks at the firmware level.
Therefore, you should not disable the system default Windows Security program to be able to maintain the protection.
Windows Defender System Guard feature of Windows Security
2. Kernel DMA protection
Introduced in Windows 10 version 1803, the Kernel DMA protection helps prevent foreign devices from Direct Memory Access (DMA) attacks with PCI plug-in devices like Thunderbolt.
That means that if someone tries to copy malicious Thunderbolt software to the machine, it will be blocked at the Thunderbolt port. However, this feature is not effective when hackers have Windows login account and password.
4.5 ★ | 2 Vote
Micah SotoYou should read it
- Discovered a group of hackers who use secret code to spy on 21 countries
- Warning: Dangerous new malicious code spills over to Vietnam
- Watch out for new dangerous viruses similar to WannaCry
- 100 hackers were arrested for the super-dangerous BlackShades malicious code
- New weapons against malicious code are 'cloud' computing.
- Warning: New malicious code is infecting about 500,000 router devices
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- Embed malicious code into PDF file without security error
May be interested
- What is Quishing? How to prevent a Quishing attack?
what is a quishing attack? how does this form of attack work and what can you do to protect yourself from being targeted? - What is a Replay Attack?a replay attack occurs when a cybercriminal eavesdroves a communication over a secure network, intercepts it, then delays or resends the content, to get the recipient to do what the hacker wants.
- What is Volumetric DDoS Attack?volumetric ddos attack is designed to overwhelm internal network capacity with large volumes of malicious traffic. volumetric ddos attack is usually performed against a specific target
- Ways to protect your home in Coin Masterthese are ways you can protect your home in coin master, using these will help you completely block the day attack.
- What is SS7 attack? What can hackers use it for?an ss7 attack is a very dangerous attack method. an ss7 attack can be used to bypass two-factor authentication. so what specifically is the ss7 attack? what can a hacker do with an ss7 attack?
- Configure Windows XP SP2 network protection technologies on a computera computer connected to the internet may appear vulnerable to an attack. the attack here is an intentional crossing of the computer's security layer or taking away the right to use the computer.
- What to do to protect the device from ZombieLoad attack?recently a new vulnerability was found on intel processor chip called zombieload that made users worried. if you are looking for ways to protect your device, then you are in the right place.
- Analysis of an attack (Part 3)in part 2 of this series, we have left all the necessary information required for an attack on the victim network. with that note, let's continue with a real attack. this attack follows the transmission of ecommerce
- What is Smurf Attack? How to prevent Smurf Attack?smurf attack is a type of ddos attack, hackers will attack the victim's server by sending fake ip requests using internet control message protocol to create fake accesses that overload the target device or network.
- It turns out this is how hackers attack your computer through the main screenthe video clearly shows how he entered the user's computer through the main screen, creating a vulnerability on the computer to steal personal information. in this way, the hacker can even change the amount of money in the user's bank account.
Security solution
- Mandrake: Super sophisticated Android malicious code, only 4 years to be discovered
- The new Microsoft 365 login pages are fake
- More than 4,000 Android apps reveal user information
- How to use Emsisoft Decryptor to recover files encrypted by DJVU ransomware
- Warning about Ransomware Sqpc, belonging to STOP / Djvu
- SaltStack has the most serious vulnerability ever, thousands of servers can be seriously affected
Mandrake: Super sophisticated Android malicious code, only 4 years to be discovered
The new Microsoft 365 login pages are fake
More than 4,000 Android apps reveal user information
How to use Emsisoft Decryptor to recover files encrypted by DJVU ransomware
Warning about Ransomware Sqpc, belonging to STOP / Djvu
SaltStack has the most serious vulnerability ever, thousands of servers can be seriously affected